Adobe Systems today released a security bulletin addressing the vulnerabilities in Flash Player, Flex and Cold Fusion. As mentioned in the bulletin, the present version of Adobe Flash Player was vulnerable and could potentially allow the attackers to take control of the affected system.

A security advisory released by the company states, “Adobe is aware of a report that an exploit for CVE-2015-3043 exists in the wild and recommends users update their product installations to the latest versions.”

The company recommends users to update their product installations to the latest versions of software.

Product Installed

Suggested Update

Adobe Flash Player desktop runtime (Win & Mac)

Adobe Flash Player 17.0.0.169

Adobe Flash Player Extended Support Release

Adobe Flash Player 13.0.0.281

Adobe Flash Player for Linux

Adobe Flash Player 11.2.202.457

The company further added in the report that Adobe Flash Player installed with Internet Explorer and Google Chrome will automatically update to version 17.0.0.169 when available.

The latest security report also added the hotfixes for ColdFusion versions 11 and 10, addressing an input validation issue exploited by attackers in cross-site scripting attack. The company suggests that ColdFusion users update their installations and to apply the security configuration settings, using password authentication and configure sandbox security.

The next important vulnerability was identified in JavaScript output of ASDoc tool in Adobe Flex 4.6 and earlier versions and could lead to cross-site scripting. Users can remediate this vulnerability by downloading the index.html file and modifying the existing index.html file.

These vulnerabilities may lead to a reflected cross-site scripting attack and can also allow the attackers to take control of your system. Users and administrators are encouraged to review the Adobe Security Bulletin and patch these vulnerabilities.

Shiwangi Peswani is a qualified writer and a blogger, who loves to dabble with and write about computers and the Internet. While focusing on and writing on technology topics, her varied skills and experience enables her to write on any topics which may interest her.